Paper 2013/628

Parallelizable Rate-1 Authenticated Encryption from Pseudorandom Functions

Kazuhiko Minematsu

Abstract

This paper proposes a new scheme for authenticated encryption (AE) which is typically realized as a blockcipher mode of operation. The proposed scheme has attractive features for fast and compact operation. When it is realized with a blockcipher, it requires one blockcipher call to process one input block (i.e. rate-1), and uses the encryption function of the blockcipher for both encryption and decryption. Moreover, the scheme enables one-pass, parallel operation under two-block partition. The proposed scheme thus attains similar characteristics as the seminal OCB mode, without using the inverse blockcipher. The key idea of our proposal is a novel usage of two-round Feistel permutation, where the round functions are derived from the theory of tweakable blockcipher. We also provide basic software results, and describe some ideas on using a non-invertible primitive, such as a keyed hash function.

Note: Added a new variant of OTR (called OTRC) reusing decryption core for AD processing in Appendix D.

Metadata
Available format(s)
PDF
Publication info
A major revision of an IACR publication in EUROCRYPT 2014
Keywords
Authenticated EncryptionBlockcipher ModePseudorandom FunctionOCB
Contact author(s)
k-minematsu @ ah jp nec com
History
2017-06-05: last of 3 revisions
2013-09-30: received
See all versions
Short URL
https://ia.cr/2013/628
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2013/628,
      author = {Kazuhiko Minematsu},
      title = {Parallelizable Rate-1 Authenticated Encryption from Pseudorandom Functions},
      howpublished = {Cryptology ePrint Archive, Paper 2013/628},
      year = {2013},
      note = {\url{https://eprint.iacr.org/2013/628}},
      url = {https://eprint.iacr.org/2013/628}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.